
Script Needed

Discussion in 'Tomato Firmware' started by gptro81, Feb 10, 2009.

  1. gptro81

    gptro81 Addicted to LI Member

    I'm trying to block all ports except for port 21, 1863, 443, 80, by placing this

    iptables -I FORWARD 1 -p tcp -s -d 0/0 -m mport --dports 21,1863,80,443 -j ACCEPT

    iptables -I FORWARD 2 -p udp -s -d 0/0 --dport 53 -j ACCEPT

    iptables -I FORWARD 3 -p icmp -s -d 0/0 -j ACCEPT

    iptables -I FORWARD 4 -s -d 0/0 -j DROP

    under administration> scripts> firewall, and it works just right, but I want to just enable it during certain hours of the day, like: from 12:00pm to 9:00pm, and from 9:01pm to 11:00am to have all ports open.
    Can someone please tell me how to do that with a script?

    Thank you!
  2. gptro81

    gptro81 Addicted to LI Member

    Anyone? :frown:
  3. Planiwa

    Planiwa LI Guru Member

    Perhaps everyone thought it's too easy:

    Admin > Scheduler

    gives you 3 custom scripts. It appears that you want to divide the day into 2 periods. That only needs two of those.

    Assuming those are the only iptables rules, all you need to do is restart FW.

    "service FW restart" seems to do nothing.

    But "service upnp start" does restart FW, even if upnp was up.
    If you don't want upnp, "service upnp restarts FW" even if upnp was off.

    Kludgey but useful to know. Perhaps others have more elegant suggestions.

    Of course you could have a time-aware FW-up script, and then use the scheduler just to restart the FW at the change-times.

    Of course you could use cru to do that, and forget that scheduler.
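
Added example, not part of the original thread: a time-aware firewall script of the kind described in the reply above, wrapping the rules from the first post so they are only inserted between 12:00 and 21:00. `LAN_SRC` is a placeholder for the source address missing after `-s` in the post, the function names are made up for this sketch, and `IPT` defaults to a dry run that prints the rules instead of applying them.

```shell
#!/bin/sh
# Added example (assumptions: LAN_SRC placeholder, hypothetical function names).
# Intended for the firewall script box; it is re-run on every firewall restart.

# Placeholder: the address after -s is missing from the post, set your own.
LAN_SRC="${LAN_SRC:-LAN_SOURCE_PLACEHOLDER}"
# Dry run by default: prints each rule. Set IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"

# Succeeds when HHMM (24h clock, e.g. 0905) is in the restricted period
# 12:00 to 21:00 inclusive. The post does not say what happens between
# 11:01 and 11:59; this sketch treats that gap as open.
in_restricted_window() {
    hhmm=$(echo "$1" | sed 's/^0*//')   # drop leading zeros before comparing
    [ "${hhmm:-0}" -ge 1200 ] && [ "${hhmm:-0}" -le 2100 ]
}

# Inserts the restrictive rules only inside the window. Outside it nothing
# is inserted, so a firewall restart leaves all ports open.
apply_rules() {
    if in_restricted_window "$1"; then
        $IPT -I FORWARD 1 -p tcp -s "$LAN_SRC" -d 0/0 -m mport --dports 21,1863,80,443 -j ACCEPT
        $IPT -I FORWARD 2 -p udp -s "$LAN_SRC" -d 0/0 --dport 53 -j ACCEPT
        $IPT -I FORWARD 3 -p icmp -s "$LAN_SRC" -d 0/0 -j ACCEPT
        $IPT -I FORWARD 4 -s "$LAN_SRC" -d 0/0 -j DROP
    fi
}

# Evaluate against the router's current local time.
apply_rules "$(date +%H%M)"
```

The script only decides at the moment the firewall restarts, so the firewall still has to be restarted at the two change-times (Admin > Scheduler or cru, as mentioned above), and the router clock must be set correctly.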
  4. gptro81

    gptro81 Addicted to LI Member

    Thank you Planiwa, but I think I won't be using those rules anymore; I realized that my access restriction won't work when using those rules.